Core Platform: The Power within Corero's IPS

Corero Network Security's powerful, extensible and flexible Core Platform is the foundation that drives the remarkable detection capabilities, market-leading low latency, reliability and strong performance that are hallmarks of Corero's Network Intrusion Prevention System (IPS). With Core Platform as its foundation, the IPS is an network intrusion prevention system optimization of Corero Network Security's unique Three Dimensional Protection (3DP) technology - (1) deep packet inspection and protocol behavioral analysis; (2) stateful firewall filtering and (3) patented DDoS defense with application rate, client request and connection limiting. The Core Platform combination of the most advanced hardware and ingenious software technologies provide a highly effective, reliable and powerful IPS product that accurately identifies known and heretofore unknown threats with minimum false positives and transparent in-line network performance.

Tilera Processor at the Heart

This platform, comprising a powerful Tilera 64-core processor and the CoreOS, is the foundation on which Corero Network Security developers and engineers have built and continue to build out a cohesive and integrated suite of network security products.

The ingenuity of the platform lies in an extremely powerful, yet elastic and flexible hardware appliance upon which Corero software developers have tightly integrated a highly optimized network security-specific hypervisor, which performs essential network security processing functions, including deep packet inspection and policy control.

Network security packet processing demands the power of massive parallel processing. However, this type of high-end processing is typically beset by resource management issues and performance bottlenecks that impede performance. Featuring 64 powerful cores operating in a mesh topology, Tilera processors utilize a unique cache management scheme to eliminate these problems. This is particularly critical in scaling modern network security applications in high-speed, high-volume environments. Security analysis through deep packet inspection requires processing packets not just as individual elements, but in the much broader context of flows and applications . All those processing cores, all of those packets and all that analysis have to be coalesced within a single coherent security policy.

Limits of Alternative Technologies

Alternative custom processor-based solutions offer seemingly strong credentials, but typically fall short when it come to the delivery of timely and unified responses to the ever-changing demands of network security. Application-specific integrated circuits (ASIC) are functionally constrained by programming in hardware, rather than software, trading dedicated performance for flexibility. And, field-programmable gate array (FPGA) chips offer only limited flexibility. The extreme performance baked into specialized silicon is fine when the required security functions are limited, such as within a network firewall, but that's not how things are in the modern security environment. The scope of security and the threat landscape around our networks is vast, complex and changing, and the development of custom silicon simply cannot keep pace.

The Corero Platform is a forward-looking and proven vehicle that delivers the power of custom silicon with the flexibility of software, giving Corero's Ninja developers the ability to respond rapidly to new demands in the rapidly changing network security environment.

CoreOS is the Intelligence

CoreOS is the software portion of the Core Platform, providing the essential foundation capabilities for network security processing, including packet handling, deep packet inspection and policy management, covered by the CoreOS through:

  • Rate management of network through to application layer objects
  • Policy enforcement though an integrated set of rules that spans all functions within CoreOS
  • Packet analysis and validation, including protocol parsing and payload inspection

These three tightly integrated functional areas combine to perform the functional heavy lifting, and utilize a performance-oriented abstraction layer at the heart of CoreOS that "talks" directly to the mesh of 64 cores, leveraging Tilera's unique processing capabilities to minimize latency and maximize throughput.

By virtue of this architecture, Corero developers are provided granular control to assign optimal processing power from the 64 processor cores and to address targeted capabilities and their component application functions according to the requirements of the particular product. For example, the Corero IPS product line, while offering a number of rate-based protections, requires a much greater portion of the appliance's resources to be devoted to packet analysis for malware and vulnerability detection and protection. On the other hand, Corero DDoS Defense System products require heavy emphasis on rate management to throttle the flow of attack traffic and allow legitimate traffic to flow freely, but still require packet analysis to differentiate between good and bad traffic.

Clustering is also intrinsic to CoreOS, augmenting processing power, interface density or IO bandwidth, while allowing the physical devices in the cluster to behave and be managed as a single logical unit. The CoreOS cluster is designed for near linear performance scaling and provides highly available, resilient solutions with minimum management and topological complexity.

The Core Platform is at the heart of Corero's IPS, guarding your network against the automated and targeted attacks that cost your business time, resources and money, and threaten the corporate brand.